1 |
commit: 818d43400b786c49c3806d7d6e838afd6580b937 |
2 |
Author: John Helmert III <ajak <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sun Aug 7 01:04:06 2022 +0000 |
4 |
Commit: John Helmert III <ajak <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Sep 6 22:38:54 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=818d4340 |
7 |
|
8 |
sys-firmware/edk2-ovmf: add 202202 |
9 |
|
10 |
Signed-off-by: John Helmert III <ajak <AT> gentoo.org> |
11 |
|
12 |
sys-firmware/edk2-ovmf/Manifest | 4 + |
13 |
sys-firmware/edk2-ovmf/edk2-ovmf-202202.ebuild | 148 +++++++++++++++++++++++++ |
14 |
2 files changed, 152 insertions(+) |
15 |
|
16 |
diff --git a/sys-firmware/edk2-ovmf/Manifest b/sys-firmware/edk2-ovmf/Manifest |
17 |
index 109f312f8e6e..91c1fe2e832c 100644 |
18 |
--- a/sys-firmware/edk2-ovmf/Manifest |
19 |
+++ b/sys-firmware/edk2-ovmf/Manifest |
20 |
@@ -1,5 +1,9 @@ |
21 |
DIST brotli-666c3280cc11dc433c303d79a83d4ffbdd12cc8d.tar.gz 23855739 BLAKE2B 7406ec5b29ac66afbcd7c1376bb3208f298d19b6592b2869c52173aa64947d58bd443f9a61c67deaf046be910a0e31c0b843e5508e97e0e1f5e7bce100d86904 SHA512 df8e90562c4fd7f0e787949df6bc4f5a165b39bd333f442d27874fe65640fbba268f9350d7113e6761a5acceb66d78e75f1a296e5a89b94574edf28109cdc812 |
22 |
+DIST brotli-f4153a09f87cbb9c826d8fc12c74642bb2d879ea.tar.gz 512229 BLAKE2B cd86cc2cc7eefad24f87cda8006409bf764922b5f23ccfb951e7a41214b12004ce532b11f94f5fb858b3bf71f9abf8ef17ba219fa96bd5be23b51873afad0fd5 SHA512 7f48e794e738b31c2005e7cef6d8c0cc0d543f1cd8c137ae8ba14602cac2873de6299a3f32ad52be869f513e7548341353ed049609daef1063975694d9a9b80b |
23 |
DIST edk2-ovmf-202105-qemu-firmware.tar.xz 672 BLAKE2B e87845a84c83f65db836fd054c81a4f3062d5e0fcc51aa0ecf9c2d23c8741f218d38ef737d140f5935ce8d9c34508e5f3b9f54bf9c547a391fa63cdc2ecf1233 SHA512 6100502f26db26e407dacce57c96b1abfd372bcb31767a068332afa09ac435a092fd2a73db27670d27c6e927c26e88315346bbac70578571108434b9683bd00c |
24 |
DIST edk2-ovmf-202105-r1-bin.tar.xz 2633188 BLAKE2B 93b4bd1c75da69406b5d27ac32d8b7c63dc8248bcd5d54832e520a4b009be4b7f215eb7d489ecb7cb16d31e02452dfa06b8fa709f37c44e59b4ff70a550076c7 SHA512 356c2110abce43da9c0654324e222cbbab7085e3aa23d1ba4c98011e4d4992a37d61fa45394305b748d119dba12f65d7c7d630b9f8038065ba4672d758c702be |
25 |
DIST edk2-ovmf-202105.tar.gz 13702868 BLAKE2B 3ec01d467562380ca2fd3bd807d2f6c55e4637c1afd71533f8f5b22cc634dc4c8cb63dab921677f8b315d17b3c9d0b6b00a0e2f3f8da61107033e9e81bf5a64d SHA512 c263345cbb243c63985f974a61f37c577a139d6a7099d2b8c9e1a553e5ebf16de12fb711b72624081c6bf637f8084bbf71731ab99e5747d81da460388ac25791 |
26 |
+DIST edk2-ovmf-202202-qemu-firmware.tar.xz 664 BLAKE2B 1aa4e25804ce0f3c967c80999315de24eaef6682e42dddd81c274ce4603ec3d15186de752de49e2527c6bd5517080c002a357ed6bc389b5afd6f7a4d93edeb44 SHA512 f9a29212274a99796784673d873e0eee7d3e2a5cf9e63192453841ee3a4ef4b813c7b2357fc7000f39c71ed6c66636daab772abb51d3972a2a56ade8a4c68faf |
27 |
+DIST edk2-ovmf-202202.tar.gz 14208170 BLAKE2B d8411e6808b335ccd551349a10c983b9448a357e73273fa6c30a07785e27feffed0224950ee98b668712c33f6739a9b006e5043b7dfd014f48dba9fd449b3354 SHA512 200690a4867331de06e0478869b85577bc510213ebe679f2103160efb84d94c82ac8481ef1f15c3e42c1e9f22b7c5ef0d6c8f2c655bce7702ce843551cf9bb83 |
28 |
+DIST openssl-d82e959e621a3d597f1e0d50ff8c2d8b96915fd7.tar.gz 10034310 BLAKE2B 6996979dc12a523d565830e7b0943feb682a376f71ddb6f20cb8b9976bb7f12e39f088abaa45d514933ef79c0e4a2933dc6f1af4774fedaa16e74c0081c358e7 SHA512 a89bc652dc4318c5e8a9c594a43d890ca05dfc1acd6b15e2a8ab8b5628b5f33994143ff8024230e07b9e67556b28ea3a5e36763aa72dec20b52022ca8c6f2a7e |
29 |
DIST openssl-e2e09d9fba1187f8d6aafaa34d4172f56f1ffb72.tar.gz 9981169 BLAKE2B 33aac7364cdd45fec5654ab6caef84e1a829464380419c8a6bb311055c5a01c0aaff6e046a7c541a87e908fa9d26bae652f5be901461d03df36f2522f9c34b0c SHA512 db2087c04f0b428b3f4e1c8b3ac53cce69e0fd331ed2b86ba00facafd1685864d73f71c13eee48f4fe0af2bddad848f84a2b8ed2a17fabdf7fa2ed7d9eb39371 |
30 |
|
31 |
diff --git a/sys-firmware/edk2-ovmf/edk2-ovmf-202202.ebuild b/sys-firmware/edk2-ovmf/edk2-ovmf-202202.ebuild |
32 |
new file mode 100644 |
33 |
index 000000000000..84319b7c4af0 |
34 |
--- /dev/null |
35 |
+++ b/sys-firmware/edk2-ovmf/edk2-ovmf-202202.ebuild |
36 |
@@ -0,0 +1,148 @@ |
37 |
+# Copyright 1999-2022 Gentoo Authors |
38 |
+# Distributed under the terms of the GNU General Public License v2 |
39 |
+ |
40 |
+EAPI=8 |
41 |
+ |
42 |
+PYTHON_REQ_USE="sqlite" |
43 |
+PYTHON_COMPAT=( python3_{8,9,10} ) |
44 |
+ |
45 |
+inherit python-any-r1 readme.gentoo-r1 |
46 |
+ |
47 |
+DESCRIPTION="UEFI firmware for 64-bit x86 virtual machines" |
48 |
+HOMEPAGE="https://github.com/tianocore/edk2" |
49 |
+ |
50 |
+BUNDLED_OPENSSL_SUBMODULE_SHA="d82e959e621a3d597f1e0d50ff8c2d8b96915fd7" |
51 |
+BUNDLED_BROTLI_SUBMODULE_SHA="f4153a09f87cbb9c826d8fc12c74642bb2d879ea" |
52 |
+ |
53 |
+# TODO: talk with tamiko about unbundling (mva) |
54 |
+ |
55 |
+# TODO: the binary 202105 package currently lacks the preseeded |
56 |
+# OVMF_VARS.secboot.fd file (that we typically get from fedora) |
57 |
+ |
58 |
+SRC_URI="https://github.com/tianocore/edk2/archive/edk2-stable${PV}.tar.gz -> ${P}.tar.gz |
59 |
+ https://github.com/openssl/openssl/archive/${BUNDLED_OPENSSL_SUBMODULE_SHA}.tar.gz -> openssl-${BUNDLED_OPENSSL_SUBMODULE_SHA}.tar.gz |
60 |
+ https://github.com/google/brotli/archive/${BUNDLED_BROTLI_SUBMODULE_SHA}.tar.gz -> brotli-${BUNDLED_BROTLI_SUBMODULE_SHA}.tar.gz |
61 |
+ https://dev.gentoo.org/~ajak/distfiles/${P}-qemu-firmware.tar.xz" |
62 |
+ |
63 |
+LICENSE="BSD-2 MIT" |
64 |
+SLOT="0" |
65 |
+#KEYWORDS="~amd64" |
66 |
+ |
67 |
+BDEPEND="app-emulation/qemu |
68 |
+ >=dev-lang/nasm-2.0.7 |
69 |
+ >=sys-power/iasl-20160729 |
70 |
+ ${PYTHON_DEPS}" |
71 |
+RDEPEND="!sys-firmware/edk2-ovmf-bin" |
72 |
+ |
73 |
+PATCHES=( |
74 |
+ "${FILESDIR}/${PN}-202105-werror.patch" |
75 |
+) |
76 |
+ |
77 |
+S="${WORKDIR}/edk2-edk2-stable${PV}" |
78 |
+ |
79 |
+DISABLE_AUTOFORMATTING=true |
80 |
+DOC_CONTENTS="This package contains the tianocore edk2 UEFI firmware for 64-bit x86 |
81 |
+virtual machines. The firmware is located under |
82 |
+ /usr/share/edk2-ovmf/OVMF_CODE.fd |
83 |
+ /usr/share/edk2-ovmf/OVMF_VARS.fd |
84 |
+ /usr/share/edk2-ovmf/OVMF_CODE.secboot.fd |
85 |
+ |
86 |
+If USE=binary is enabled, we also install an OVMF variables file (coming from |
87 |
+fedora) that contains secureboot default keys |
88 |
+ |
89 |
+ /usr/share/edk2-ovmf/OVMF_VARS.secboot.fd |
90 |
+ |
91 |
+If you have compiled this package by hand, you need to either populate all |
92 |
+necessary EFI variables by hand by booting |
93 |
+ /usr/share/edk2-ovmf/UefiShell.(iso|img) |
94 |
+or creating OVMF_VARS.secboot.fd by hand: |
95 |
+ https://github.com/puiterwijk/qemu-ovmf-secureboot |
96 |
+ |
97 |
+The firmware does not support csm (due to no free csm implementation |
98 |
+available). If you need a firmware with csm support you have to download |
99 |
+one for yourself. Firmware blobs are commonly labeled |
100 |
+ OVMF{,_CODE,_VARS}-with-csm.fd |
101 |
+ |
102 |
+In order to use the firmware you can run qemu the following way |
103 |
+ |
104 |
+ $ qemu-system-x86_64 \ |
105 |
+ -drive file=/usr/share/edk2-ovmf/OVMF.fd,if=pflash,format=raw,unit=0,readonly=on \ |
106 |
+ ..." |
107 |
+ |
108 |
+src_prepare() { |
109 |
+ # Bundled submodules |
110 |
+ cp -rl "${WORKDIR}/openssl-${BUNDLED_OPENSSL_SUBMODULE_SHA}"/* "CryptoPkg/Library/OpensslLib/openssl/" |
111 |
+ cp -rl "${WORKDIR}/brotli-${BUNDLED_BROTLI_SUBMODULE_SHA}"/* "BaseTools/Source/C/BrotliCompress/brotli/" |
112 |
+ cp -rl "${WORKDIR}/brotli-${BUNDLED_BROTLI_SUBMODULE_SHA}"/* "MdeModulePkg/Library/BrotliCustomDecompressLib/brotli/" |
113 |
+ |
114 |
+ sed -i -r \ |
115 |
+ -e "/function SetupPython3/,/\}/{s,\\\$\(whereis python3\),${EPYTHON},g}" \ |
116 |
+ "${S}"/edksetup.sh || die "Fixing for correct Python3 support failed" |
117 |
+ |
118 |
+ default |
119 |
+} |
120 |
+ |
121 |
+src_compile() { |
122 |
+ TARGET_ARCH=X64 |
123 |
+ TARGET_NAME=RELEASE |
124 |
+ TARGET_TOOLS=GCC49 |
125 |
+ |
126 |
+ BUILD_FLAGS="-D TLS_ENABLE \ |
127 |
+ -D HTTP_BOOT_ENABLE \ |
128 |
+ -D NETWORK_IP6_ENABLE \ |
129 |
+ -D TPM_ENABLE \ |
130 |
+ -D TPM2_ENABLE -D TPM2_CONFIG_ENABLE \ |
131 |
+ -D FD_SIZE_2MB" |
132 |
+ |
133 |
+ SECUREBOOT_BUILD_FLAGS="${BUILD_FLAGS} \ |
134 |
+ -D SECURE_BOOT_ENABLE \ |
135 |
+ -D SMM_REQUIRE \ |
136 |
+ -D EXCLUDE_SHELL_FROM_FD" |
137 |
+ |
138 |
+ emake ARCH=${TARGET_ARCH} -C BaseTools |
139 |
+ |
140 |
+ . ./edksetup.sh |
141 |
+ |
142 |
+ # Build all EFI firmware blobs: |
143 |
+ |
144 |
+ mkdir -p ovmf |
145 |
+ |
146 |
+ ./OvmfPkg/build.sh \ |
147 |
+ -a "${TARGET_ARCH}" -b "${TARGET_NAME}" -t "${TARGET_TOOLS}" \ |
148 |
+ ${BUILD_FLAGS} || die "OvmfPkg/build.sh failed" |
149 |
+ |
150 |
+ cp Build/OvmfX64/*/FV/OVMF_*.fd ovmf/ |
151 |
+ rm -rf Build/OvmfX64 |
152 |
+ |
153 |
+ ./OvmfPkg/build.sh \ |
154 |
+ -a "${TARGET_ARCH}" -b "${TARGET_NAME}" -t "${TARGET_TOOLS}" \ |
155 |
+ ${SECUREBOOT_BUILD_FLAGS} || die "OvmfPkg/build.sh failed" |
156 |
+ |
157 |
+ cp Build/OvmfX64/*/FV/OVMF_CODE.fd ovmf/OVMF_CODE.secboot.fd || die "cp failed" |
158 |
+ cp Build/OvmfX64/*/X64/Shell.efi ovmf/ || die "cp failed" |
159 |
+ cp Build/OvmfX64/*/X64/EnrollDefaultKeys.efi ovmf || die "cp failed" |
160 |
+ |
161 |
+ # Build a convenience UefiShell.img: |
162 |
+ |
163 |
+ mkdir -p iso_image/efi/boot || die "mkdir failed" |
164 |
+ cp ovmf/Shell.efi iso_image/efi/boot/bootx64.efi || die "cp failed" |
165 |
+ cp ovmf/EnrollDefaultKeys.efi iso_image || die "cp failed" |
166 |
+ qemu-img convert --image-opts \ |
167 |
+ driver=vvfat,floppy=on,fat-type=12,label=UEFI_SHELL,dir=iso_image \ |
168 |
+ ovmf/UefiShell.img || die "qemu-img failed" |
169 |
+} |
170 |
+ |
171 |
+src_install() { |
172 |
+ insinto /usr/share/${PN} |
173 |
+ doins ovmf/* |
174 |
+ |
175 |
+ insinto /usr/share/qemu/firmware |
176 |
+ doins qemu/* |
177 |
+ rm "${ED}"/usr/share/qemu/firmware/40-edk2-ovmf-x64-sb-enrolled.json || die "rm failed" |
178 |
+ |
179 |
+ readme.gentoo_create_doc |
180 |
+} |
181 |
+ |
182 |
+pkg_postinst() { |
183 |
+ readme.gentoo_print_elog |
184 |
+} |